Krebs on Security

JANUARY 30, 2024

authorities arrested a 19-year-old Florida man charged with wire fraud, aggravated identity theft, and conspiring with others to use SIM-swapping to steal cryptocurrency. 12 blog post , the attackers used their access to Mailchimp employee accounts to steal data from 214 customers involved in cryptocurrency and finance.

Social Engineering 359

Social Engineering Mobile Cybercrime Passwords 359

Tech Republic Security

MAY 15, 2025

Instead of paying the $20 million ransom, Coinbase offered the same amount of money for information leading to the attackers.

Data breaches 68

Data breaches Big data Social Engineering Cryptocurrency 68

Krebs on Security

DECEMBER 29, 2022

You just knew 2022 was going to be The Year of Crypto Grift when two of the world’s most popular antivirus makers — Norton and Avira — kicked things off by installing cryptocurrency mining programs on customer computers. The now-defunct and always phony cryptocurrency trading platform xtb-market[.]com,

Cryptocurrency 309

Cryptocurrency Cybercrime Computers and Electronics Scams 309

Security Affairs

APRIL 4, 2022

During the weekend, multiple owners of Trezor hardware cryptocurrency wallets reported having received fake data breach notifications from Trezor, BleepingComputer first reported. A statement shared by Mailchimp CISO Siobhan Smyth with TechCrunch revealed that the company discovered the security breach on March 26.

Phishing 136

Phishing Data breaches Cryptocurrency Social Engineering 136

SecureWorld News

MAY 21, 2025

In a bold response to a sophisticated insider-led data breach, Coinbase has turned the tables on cybercriminals who recently targeted the organization with ransomware. Coinbase, the largest cryptocurrency exchange platform in the U.S.,

Ransomware 96

Ransomware Social Engineering Data breaches Cryptocurrency 96

Security Through Education

NOVEMBER 19, 2024

Social engineering scams frequently exploit our desire to help by using themes of sympathy and assistance to manipulate us. How It Works: The attacker collects personal information about the target through social media, data breaches, and publicly available online sources.

Social Engineering 52

Social Engineering Engineering Scams Cryptocurrency 52

Security Through Education

NOVEMBER 19, 2024

Social engineering scams frequently exploit our desire to help by using themes of sympathy and assistance to manipulate us. How It Works: The attacker collects personal information about the target through social media, data breaches, and publicly available online sources.

Social Engineering 52

Social Engineering Engineering Scams Cryptocurrency 52

Security Affairs

FEBRUARY 27, 2021

The telecommunications giant T-Mobile disclosed a data breach after some of its customers were apparently affected by SIM swap attacks. The telecommunications provider T-Mobile has disclosed a data breach after it became aware that some of its customers were allegedly victims of SIM swap attacks.

Mobile 133

Mobile Data breaches Telecommunications Identity Theft 133

Security Affairs

JANUARY 12, 2025

cannabis dispensary STIIIZY disclosed a data breach A novel PayPal phishing campaign hijacks accounts Banshee macOS stealer supports new evasion mechanisms Researchers disclosed details of a now-patched Samsung zero-click flaw Phishers abuse CrowdStrike brand targeting job seekers with cryptominer China-linked APT group MirrorFace targets Japan U.S.

Data breaches 60

Data breaches Phishing Social Engineering Engineering 60

Krebs on Security

AUGUST 30, 2022

4 it became aware of unauthorized access to information related to a limited number of Twilio customer accounts through a sophisticated social engineering attack designed to steal employee credentials. On that last date, Twilio disclosed that on Aug. ” On July 28 and again on Aug. According to an Aug. In an Aug.

Mobile 342

Mobile Phishing Authentication Accountability 342

Identity IQ

JUNE 1, 2023

The Rise of AI Social Engineering Scams IdentityIQ In today’s digital age, social engineering scams have become an increasingly prevalent threat. Social engineering scams leverage psychological manipulation to deceive individuals and exploit the victims’ trust.

Social Engineering 52

Social Engineering Scams Engineering Identity Theft 52

Security Affairs

JUNE 11, 2023

Experts found new MOVEit Transfer SQL Injection flaws The University of Manchester suffered a cyber attack and suspects a data breach Russians charged with hacking Mt. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Social Engineering 98

Social Engineering Data breaches Ransomware Cybercrime 98

Penetration Testing

JUNE 4, 2025

Coinbase suffered a data breach impacting 69,000 customers, linked to a third-party contractor. Personal info was leaked, raising security concerns.

Data breaches 56

Data breaches Social Engineering Cryptocurrency Engineering 56

Krebs on Security

JULY 22, 2020

According to 4iq.com , a service that indexes account details like usernames and passwords exposed in Web site data breaches, the jperry94526 email address was used to register accounts at several other sites over the years, including one at the apparel store Stockx.com under the profile name Josh Perry. CONSPIRACY.

Hacking 348

Hacking Accountability Scams Media 348

Security Affairs

DECEMBER 17, 2023

CISA and ENISA enhance their Cooperation CISA adds Qlik bugs to exploited vulnerabilities catalog Report: 2.6 CISA and ENISA enhance their Cooperation CISA adds Qlik bugs to exploited vulnerabilities catalog Report: 2.6

Data breaches 123

Data breaches Cybercrime Firewall Ransomware 123

eSecurity Planet

MARCH 24, 2022

On March 22, Microsoft confirmed a substantial breach by the LAPSUS$ hacking group. In a blog post detailing its efforts to track and contain the breach, Microsoft described LAPSUS$ as a “large scale social engineering and extortion campaign.” Mid-March, popular game developer Ubisoft reported a data breach.

Social Engineering 109

Social Engineering Data breaches Engineering Hacking 109

Appknox

JUNE 23, 2022

Thus, these Australian attacks significantly contribute to the rising trend in socially engineered attacks. Cryptocurrency and NFT attacks are rising as decentralized finance, and digital art assets become sophisticated socially engineered threats. Common Trends Among the Australian Mobile Threats.

Social Engineering 92

Social Engineering Mobile Scams Engineering 92

SecureWorld News

AUGUST 29, 2023

An advisory from the company states that a "highly sophisticated" SIM swapping attack targeted one of Kroll's employees, resulting in unauthorized access to personal information related to bankruptcy claimants associated with cryptocurrency firms FTX, BlockFi, and Genesis.

Cryptocurrency 104

Cryptocurrency Phishing Social Engineering Accountability 104

SecureWorld News

JULY 3, 2023

The global average data breach cost is $4.24 Human error accounts for 95% of all data breaches. According to PurpleSec, 98% of cybercrime relies on social engineering to accomplish it. Ransomware is malware that encrypts the victim's data and demands a ransom for its decryption.

Cybercrime 98

Cybercrime Data breaches Social Engineering Cyber threats 98

Security Affairs

FEBRUARY 26, 2023

Clasiopa group targets materials research in Asia CERT of Ukraine says Russia-linked APT backdoored multiple govt sites UK won the Military Cyberwarfare exercise Defence Cyber Marvel 2 (DCM2) CISA warns of disruptive attacks amid the anniversary of Russia’s invasion of Ukraine Highly evasive cryptocurrency miner targets macOS Hackers are actively exploiting (..)

Social Engineering 98

Social Engineering Cryptocurrency Insurance Malware 98

CyberSecurity Insiders

AUGUST 24, 2022

And security researchers from ESET have discovered that the malware was uploaded to the VirusTotal operated system in Brazil and was targeted by a social engineering attack. North Korea’s Lazarus Group has reportedly designed new ransomware that is being targeted at M1 processors popularly running on Macs and Intel systems.

Ransomware 107

Ransomware Encryption Digital transformation Social Engineering 107

Security Affairs

FEBRUARY 6, 2022

LockBit ransomware gang claims to have stolen data from PayBito crypto exchange FBI issued a flash alert on Lockbit ransomware operation CISA orders federal agencies to fix actively exploited CVE-2022-21882 Windows flaw Over 500,000 people were impacted by a ransomware attack that hit Morley Ransomware attack hit Swissport International causing delays (..)

Cryptocurrency 98

Cryptocurrency Social Engineering Small Business Ransomware 98

Security Affairs

JUNE 4, 2023

Xplain hack impacted the Swiss cantonal police and Fedpol Zyxel published guidance for protecting devices from ongoing attacks Kimsuky APT poses as journalists and broadcast writers in its attacks New Linux Ransomware BlackSuit is similar to Royal ransomware CISA adds Progress MOVEit Transfer zero-day to its Known Exploited Vulnerabilities catalog (..)

Spyware 98

Spyware Hacking Malware Social Engineering 98

Security Affairs

AUGUST 6, 2023

Reptile Rootkit employed in attacks against Linux systems in South Korea New PaperCut flaw in print management software exposes servers to RCE attacks A cyberattack impacted operations of multiple hospitals in several US states Married couple pleaded guilty to laundering billions in cryptocurrency stolen from Bitfinex in 2016 Malicious packages in (..)

Malware 98

Malware Cybercrime Cryptocurrency Phishing 98

Digital Shadows

NOVEMBER 13, 2024

In late 2024, Russian ransomware groups began collaborating with native English speakers, boosting their social engineering capabilities. The group social-engineered the organization’s help desk, employing fluent English to achieve a reset of a compromised account’s password.

Social Engineering 59

Social Engineering Cybersecurity DDOS Ransomware 59

SecureList

NOVEMBER 9, 2022

In 2023, we might see a slight decline in ransomware attacks, reflecting the slowdown of the cryptocurrency markets. Since 2020, therefore, forms of spear phishing, social engineering and CEO fraud, as well as ransomware, become increasingly prevalent and will continue to be of considerable importance in 2023.

Cybersecurity 144

Cybersecurity Cyber Insurance Cybercrime IoT 144

SecureWorld News

NOVEMBER 11, 2021

Exploitation and Actions on the Objective – Typically, the exploited vulnerability is a human, someone who can be tricked through social engineering rather than malware. The payouts of the scam include financial gains through wire transfers, gift cards, and cryptocurrency, as well as information for use in other activities.

Scams 97

Scams Accountability Social Engineering Ransomware 97

Digital Shadows

NOVEMBER 14, 2024

In late 2024, Russian ransomware groups began collaborating with native English speakers, boosting their social engineering capabilities. The group social-engineered the organization’s help desk, employing fluent English to achieve a reset of a compromised account’s password.

Social Engineering 52

Social Engineering Cybersecurity DDOS Ransomware 52

Security Affairs

JANUARY 27, 2022

Other affected businesses include Chip, a UK-based savings app boasting 400,000 users; Hoolah, a shopping app with over 100,000 installs ; Mode, a cryptocurrency app with over 50,000 installs ; and Greenwheels, a car-sharing service with over 50,000 installs. However, the App Store doesn’t publicly share download data.

Identity Theft 98

Identity Theft Accountability Data breaches Social Engineering 98

eSecurity Planet

JULY 25, 2023

Organizations must practice incident response if they want to stop data breaches and cyberattacks. Social engineering attacks: These involve manipulating individuals to gain unauthorized access to sensitive information or systems. Cryptojacking : Unauthorized use of a computer’s processing power to mine cryptocurrencies.

Software 98

Software Data breaches DDOS Ransomware 98

Digital Shadows

NOVEMBER 26, 2024

This underscores the importance of having additional compensating controls and educating employees on the risks associated with phishing and other social engineering attacks. Compromised cloud storage can result in account breaches, data theft, or extortion in which attackers exploit reputational damage to demand ransoms.

Cyber Attacks 59

Cyber Attacks Phishing Ransomware Cyber Insurance 59

SecureList

NOVEMBER 14, 2023

This attack was highly targeted and showed particular interest in cryptocurrency companies, which may indicate that the ultimate goal of the attackers was financial gain. They advertise on dark web platforms and employ various techniques, including malware, phishing, and other social engineering methods.

Hacking 140

Hacking Energy and Utilities Malware Media 140

Pen Test

OCTOBER 10, 2023

Victims are instructed to pay a ransom payment, usually demanded in cryptocurrency, in exchange for the decryption key. If organizations don't pay up, they lose access to their critical data and applications. Even just the notification of a data breach can harm an organization's reputation and bottom line.

Ransomware 52

Ransomware Backups Insurance Cyber Insurance 52

Digital Shadows

OCTOBER 29, 2024

Among these experienced affiliates is the “Scattered Spider” group, known for its custom tools and advanced social engineering skills, which helped RansomHub become the most active ransomware group in Q3 2024 (see Figure 1). The breach significantly impacted the company, forcing a temporary halt to normal operations.

Ransomware 88

Ransomware Encryption Technology Cybercrime 88

eSecurity Planet

SEPTEMBER 2, 2024

Enterprises should activate data loss prevention and other security controls to limit hazards in AI technologies such as Copilot. Assess your risk tolerance to avoid data breaches from Copilots and safeguard bots with authentication measures. Victims of social engineering risked compromised systems and probable data theft.

Risk 57

Risk Firewall Firmware Engineering 57

Spinone

MAY 8, 2020

Below are figures from the IBM 2019 Cost of a Data Breach Report : The average time to identify a breach in 2019 was 206 days The average time to contain a breach was 73 days , for a total of 279 days The potential damage, stealing of data, and widespread compromise that can happen in the meantime can be enormous and catastrophic to your business.

Cyber Attacks 78

Cyber Attacks Phishing Backups Ransomware 78

Digital Shadows

OCTOBER 29, 2024

Among these experienced affiliates is the “Scattered Spider” group, known for its custom tools and advanced social engineering skills, which helped RansomHub become the most active ransomware group in Q3 2024 (see Figure 1). The breach significantly impacted the company, forcing a temporary halt to normal operations.

Ransomware 52

Ransomware Encryption Technology Cybercrime 52